Arctic

Facebook

OAuth 2.0 provider for Facebook.

Also see the OAuth 2.0 guide.

Initialization

import { Facebook } from "arctic";

const facebook = new Facebook(clientId, clientSecret, redirectURI);

Create authorization URL

import { generateState } from "arctic";

const state = generateState();
const scopes = ["email", "public_profile"];
const url = facebook.createAuthorizationURL(state, scopes);

Validate authorization code

validateAuthorizationCode() will either return an OAuth2Tokens, or throw one of OAuth2RequestError, ArcticFetchError, or a standard Error (parse errors). Facebook will return an access token with an expiration.

import { OAuth2RequestError, ArcticFetchError } from "arctic";

try {
	const tokens = await facebook.validateAuthorizationCode(code);
	const accessToken = tokens.accessToken();
	const accessTokenExpiresAt = tokens.accessTokenExpiresAt();
} catch (e) {
	if (e instanceof OAuth2RequestError) {
		// Invalid authorization code, credentials, or redirect URI
		const code = e.code;
		// ...
	}
	if (e instanceof ArcticFetchError) {
		// Failed to call `fetch()`
		const cause = e.cause;
		// ...
	}
	// Parse error
}

Get user profile

Use the /me endpoint. See user fields.

const url = new URL("https://graph.facebook.com/me");
url.searchParams.set("access_token", accessToken);
url.searchParams.set("fields", ["id", "name", "picture", "email"].join(","));
const response = await fetch(url);
const user = await response.json();